To address vulnerabilities, Palo Alto Networks has released an emergency content update.
This provides updated detection of both CVE-2014-7169 and the previous CVE-2014-6271 vulnerability with an update to the IPS vulnerability Signature ID: 36729 “Bash Remote Code Execution Vulnerability” with “Critical” severity and default action of “Alert”.
Palo Alto Networks customers with a Threat Prevention subscription are advised to verify that they are running the latest content version on their devices.
If you are an Open Reality and BrightCloud customer using our hosted Palo Alto firewall services, you are already protected via our service guarantee.
All other Palo Alto users should review their policies and ensure the desired actions are enabled for your environment.
If you have any questions about coverage for this advisory, feel free to contact our support services team on 01235 556400 or firstname.lastname@example.org and we will be able to provide immediate support.